Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sylabs singularity vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-30549
Apptainer is an open source container platform for Linux. There is an ext4 use-after-free flaw that is exploitable through versions of Apptainer < 1.1.0 and installations that include apptainer-suid < 1.1.8 on older operating systems where that CVE has not been patched. Tha...
Lfprojects Apptainer
Sylabs Singularity
Redhat Enterprise Linux 7.0
NA
CVE-2022-23538
github.com/sylabs/scs-library-client is the Go client for the Singularity Container Services (SCS) Container Library Service. When the scs-library-client is used to pull a container image, with authentication, the HTTP Authorization header sent by the client to the library servic...
Sylabs Singularity Container Services Library 1.3.3
Sylabs Singularity Container Services Library 1.4.0
Sylabs Singularity Container Services Library 1.4.1
Sylabs Singularity Container Services Library 1.3.2
NA
CVE-2022-39237
syslabs/sif is the Singularity Image Format (SIF) reference implementation. In versions before 2.8.1the `github.com/sylabs/sif/v2/pkg/integrity` package did not verify that the hash algorithm(s) used are cryptographically secure when verifying digital signatures. A patch is avail...
Sylabs Singularity Image Format
7.5
CVSSv2
CVE-2021-33027
Sylabs Singularity Enterprise up to and including 1.6.2 has Insufficient Entropy in a nonce.
Sylabs Singularity
6.8
CVSSv2
CVE-2021-33622
Sylabs Singularity 3.5.x and 3.6.x, and SingularityPRO prior to 3.5-8, has an Incorrect Check of a Function's Return Value.
Sylabs Singularity
Sylabs Singularitypro
6.8
CVSSv2
CVE-2021-32635
Singularity is an open source container platform. In verions 3.7.2 and 3.7.3, Dde to incorrect use of a default URL, `singularity` action commands (`run`/`shell`/`exec`) specifying a container using a `library://` URI will always attempt to retrieve the container from the default...
Sylabs Singularity 3.7.2
Sylabs Singularity 3.7.3
4
CVSSv2
CVE-2021-29499
SIF is an open source implementation of the Singularity Container Image Format. The `siftool new` command and func siftool.New() produce predictable UUID identifiers due to insecure randomness in the version of the `github.com/satori/go.uuid` module used as a dependency. A patch ...
5.8
CVSSv2
CVE-2020-15229
Singularity (an open source container platform) from version 3.1.1 up to and including 3.6.3 has a vulnerability. Due to insecure handling of path traversal and the lack of path sanitization within `unsquashfs`, it is possible to overwrite/create any files on the host filesystem ...
Sylabs Singularity
Opensuse Leap 15.1
Opensuse Leap 15.2
Opensuse Backports Sle 15.0
5.5
CVSSv2
CVE-2020-25039
Sylabs Singularity 3.2.0 up to and including 3.6.2 has Insecure Permissions on temporary directories used in fakeroot or user namespace container execution.
Sylabs Singularity
Opensuse Leap 15.1
Opensuse Leap 15.2
6.5
CVSSv2
CVE-2020-25040
Sylabs Singularity up to and including 3.6.2 has Insecure Permissions on temporary directories used in explicit and implicit container build operations, a different vulnerability than CVE-2020-25039.
Sylabs Singularity
Opensuse Leap 15.1
Opensuse Leap 15.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »